package com.edu.dk.security.util;

import java.lang.reflect.InvocationTargetException;
import java.lang.reflect.Method;

import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletResponse;

/**
 * 
 * 扩展原cookie，使之支持HttpOnly cookie。
 *
 * 
 * 
 */
public class CookieSupport extends Cookie {
	private static final long serialVersionUID = -7993058016717935523L;
	private final static Method getHttpOnlyMethod = getHttpOnlyMethod();
	private boolean httpOnly;

	/** 创建一个cookie。 */
	public CookieSupport(String name, String value) {
		super(StringUtils.trimToNull(name), value);
	}

	/** 复制一个cookie。 */
	public CookieSupport(Cookie cookie) {
		this(cookie, null);
	}

	/** 复制一个cookie，修改cookie的名称。 */
	public CookieSupport(Cookie cookie, String name) {
		super(getCookieName(cookie, name), cookie.getValue());

		setVersion(cookie.getVersion());
		setMaxAge(cookie.getMaxAge());
		setSecure(cookie.getSecure());

		String comment = cookie.getComment();

		if (!StringUtils.isEmpty(comment)) {
			setComment(comment);
		}

		String domain = cookie.getDomain();

		if (!StringUtils.isEmpty(domain)) {
			setDomain(domain);
		}

		String path = cookie.getPath();

		if (!StringUtils.isEmpty(path)) {
			setPath(path);
		}

		if (cookie instanceof CookieSupport) {
			setHttpOnly(((CookieSupport) cookie).getHttpOnly());
		} else if (getHttpOnlyMethod != null) {
			try {
				setHttpOnly((Boolean) getHttpOnlyMethod.invoke(cookie, new Object[0]));
			} catch (InvocationTargetException e) {
				// Invocation of Cookie.isHttpOnly() failed
			} catch (IllegalAccessException e) {
				// Invocation of Cookie.isHttpOnly() failed
			} catch (IllegalArgumentException e) {
				// Invocation of Cookie.isHttpOnly() failed
			}
		}
	}

	/** 对于servlet spec 3.0，已经支持<code>isHttpOnly</code>方法。 */
	private static Method getHttpOnlyMethod() {
		Method m = null;
		try {
			m = Cookie.class.getMethod("isHttpOnly"); // servlet 3.0 spec draft
		} catch (Exception e) {
			try {
				m = Cookie.class.getMethod("getHttpOnly"); // 另一种可能
			} catch (Exception ee) {
			}
		}

		if (m != null) {
			// Method Cookie.isHttpOnly() defined in current version of servlet
			// API. CookieSupport will make use of it.
			return m;
		}

		// No method Cookie.isHttpOnly() defined in current version of servlet
		// API
		return null;
	}

	private static String getCookieName(Cookie cookie, String name) {
		name = StringUtils.trimToNull(name);

		if (name == null) {
			name = StringUtils.trimToNull(cookie.getName());
		}

		return name;
	}

	/** 是否生成IE6支持的HttpOnly标记。 */
	public boolean isHttpOnly() {
		return httpOnly;
	}

	/** 是否生成IE6支持的HttpOnly标记。 */
	public boolean getHttpOnly() {
		return httpOnly;
	}

	/** 是否生成IE6支持的HttpOnly标记。 */
	public void setHttpOnly(boolean httpOnly) {
		this.httpOnly = httpOnly;
	}

	public void setDomain(String domain) {
		domain = StringUtils.trimToEmpty(domain);

		if (!StringUtils.isEmpty(domain) && !domain.startsWith(".")) {
			domain = "." + domain;
		}

		super.setDomain(domain); // 根据RFC2109，确保以“.”为前缀

	}

	/** 将cookie添加到response中。 */
	public void addCookie(HttpServletResponse response) {
		response.addHeader(getCookieHeaderName(), getCookieHeaderValue());
	}

	/** 取得cookie header的名称。 */
	public String getCookieHeaderName() {
		return ServerCookie.getCookieHeaderName(getVersion());
	}

	/**
	 * 
	 * 取得cookie header的值。
	 *
	 * 
	 * 
	 * @throws IllegalArgumentException
	 * 
	 *             假如cookie value中包含非法值
	 * 
	 */
	public String getCookieHeaderValue() throws IllegalArgumentException {
		return appendCookieHeaderValue(new StringBuilder()).toString();
	}

	private StringBuilder appendCookieHeaderValue(StringBuilder buf) throws IllegalArgumentException {
		int version = getVersion();
		String name = ObjectUtils.defaultIfNull(getName(), StringUtils.EMPTY);
		String value = getValue();
		String path = getPath();
		String domain = StringUtils.trimToNull(getDomain());
		String comment = StringUtils.trimToNull(getComment());
		int maxAge = StringUtils.isEmpty(getValue()) ? 0 : getMaxAge(); // empty

		// value

		// means

		// remove cookie

		boolean secure = getSecure();
		boolean httpOnly = getHttpOnly();

		ServerCookie.appendCookieValue(buf, version, name, value, path, domain, comment, maxAge, secure, httpOnly);

		return buf;
	}

	/**
	 * 
	 * 生成set-cookie header的值，即使cookie value中包含非法值，也不会报错。
	 * 
	 * <p>
	 * 
	 * 请不要使用<code>toString()</code>方法来生成cookie header，而应该使用
	 * 
	 * <code>getCookieHeaderValue()</code>来取代。
	 * 
	 * </p>
	 * 
	 */

	public String toString() {
		StringBuilder buf = new StringBuilder().append(getCookieHeaderName()).append(": ");
		int length = buf.length();

		try {
			appendCookieHeaderValue(buf);
		} catch (IllegalArgumentException e) {
			buf.setLength(length);
			buf.append(e.getMessage());
		}

		return buf.toString();
	}
}